Testimonials for Privacy Mode

Testimonials for Privacy Mode

Importance of a community for data privacy for India's technology ecosystem

Free updates

Be the first follower!

Follow

Privacy Mode was launched in April 2020 as a platform to aggregate learnings from India’s tech ecosystem about doing better data privacy and improving trust among consumers.

With two years behind, what is the relevance of Privacy Mode to industry practitioners? Tell us how Privacy Mode can make an impact.

Hosted by

Deep dives into privacy and security, and understanding needs of the Indian tech ecosystem through guides, research, collaboration, events and conferences. Sponsors: Privacy Mode’s programmes are sponsored by: more

Supported by

Omidyar Network India invests in bold entrepreneurs who help create a meaningful life for every Indian, especially the hundreds of millions of Indians in low-income and lower-middle-income populations, ranging from the poorest among us to the existing middle class. To drive empowerment and social i… more
We’re the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. As a hyperscale cloud service provider, AWS provides access to highly advanced computing tools on rent for startups and SMEs at affordable prices. We help t… more
about.facebook.com/meta

Rohan Verma

@rhnvrm

Using Privacy Mode BPGs

Submitted May 6, 2022

At Zerodha, we collect logs and ingest them into our pretty-much standard out-of-the-box setup of ELK with some minor configuration for scaling up. Due to our regulatory obligations, we need to have specific retention policies for storing logs. These could include access logs as well as application logs which are usually ingested from various multiple instances of internal apps. We apply the masking to critically sensitive data, for example, application access tokens which can be potentially used to gain temporary unauthorized access to the systems.
Due to reasons such as regular audits by regulator-appointed system auditors we are subject to storing logs without masking certain PII or user identifiers. This is needed to provide audit trails for the auditor to review as well as handle and respond to user complaints, for example, to the exchanges. We, therefore, store data as per the regulations, but on the UI as well at the application level mask the data, for example, our API responses, which are then displayed to the outside world.
We can validate that it’s a sensible choice to follow the guide shared by Ayush (Masking Sensitive Data Logs with Logstash). It is not that difficult to implement and it should be adopted as a best practice by other organizations as well.

Comments

{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

Deep dives into privacy and security, and understanding needs of the Indian tech ecosystem through guides, research, collaboration, events and conferences. Sponsors: Privacy Mode’s programmes are sponsored by: more

Supported by

Omidyar Network India invests in bold entrepreneurs who help create a meaningful life for every Indian, especially the hundreds of millions of Indians in low-income and lower-middle-income populations, ranging from the poorest among us to the existing middle class. To drive empowerment and social i… more
We’re the world’s most comprehensive and broadly adopted cloud platform, offering over 200 fully featured services from data centers globally. As a hyperscale cloud service provider, AWS provides access to highly advanced computing tools on rent for startups and SMEs at affordable prices. We help t… more
about.facebook.com/meta